S3

Question 1

Is S3 Object based

Answer 1

Yes!

Question 2

Is S3 suitable for running an OS or hosting a DB?

Answer 2

No, object storage only

Question 3

What is the max size of a single file that can be transferred?

Answer 3

5 tb

Question 4

What is the storage limit in S3?

Answer 4

Unlimited

Question 5

Is S 3 a universal namespace?

Answer 5

Yes, so it is not tied to regions and must be named completely uniquely from all other s3 buckets out there

Question 6

What is a Key for S3?

Answer 6

The object name, eg ralphie.jpg

Question 7

What is a value is S3

Answer 7

The data itself, which is made up of a sequence of bytes

Question 8

What is a version ID

Answer 8

Allows storage of multiple versions of the same object

Question 9

What is metadata in S3

Answer 9

Data about the data you are storing, content type, last modified, etc.

Question 10

Are S3 buckets private by default?

Answer 10

Yes, when created a bucket and all contents are private by default.

You have to allow public access on both the bucket & its objects in order to make them public

Question 11

When to use an Object ACL?

Answer 11

These are used to make individual objects public

Question 12

Bucket Policies

Answer 12

Security policy for your bucket and can be used to make an entire bucket public

Question 13

HTTP Status Code

Answer 13

When you upload and object to S3 & it’s successful you will get an http 200 code

Question 14

What to know for hosting static websites in S3

Answer 14

Use a bucket policy to make the bucket public

You can only host static content NOT dynamic

S3 automatically scales with demand

Question 15

What version of an object does S3 store?

Answer 15

All versions are stored in S3. This includes writes and even if it’s deleted

Question 16

Can versioning be disabled once enabled in S3?

Answer 16

No, once enable versioning can only be suspended

Question 17

Can lifecycle rules be integrated with a bucket that has versioning?

Answer 17

Yes, life cycle rules can be integrated and MFA is supported as well

Question 18

S3 Standard Storage Tier

Answer 18

99.99% available

11 9’s durable

In > or =to 3 AZs

Suitable for most workloads (website, content distribution, mobile gaming, gaming apps, and big data)

Question 19

S3 Std. IA Storage Tier

Answer 19

99.99% Available

11 9’S durable

> = 3 AZs

Long term infrequently accessed critical data. Backups, data store for disaster recovery files, etc

Question 20

S3 1 Zone IA Storage Tier

Answer 20

99.5% Available

11 9’s durable

1 AZ

Long term infrequently accessed data that is non critical

Question 21

S3 Glacier Storage Tier

Answer 21

99.99% available

11 9’s durable

> = 3 AZs

Long term data archiving that occasionally needs to be accessed within a few hours or minutes

Question 22

S3 Glacier Deep Archive Storage Tier

Answer 22

99.99% available

11 9’s durable

> = 3 AZs

Rarely accessed data archiving with a default retrieval time of 12 hours

Question 23

S3 Intelligent Tiering

Answer 23

99.99% available

11 9’s durable

> = 3 AZs

For unknown or unpredictable access patterns

Question 24

What is S3 lifecycle manage,ent used for?

Answer 24

Automates moving objects between different storage tiers

Can be used in conjunction with versioning

Can be applied to current and previous versions

Question 25

What is S3 object lock?

Answer 25

Object lock is used to store objects using the worm model, write once read many

Can be applied to individual objects or across a bucket as a whole

Comes in Governance Mode and Compliance Mode

Question 26

What is object lock governance mode?

Answer 26

Users can’t overwrite or delete an object version or alter its lock settings without special permissions

Question 27

What is object lock compliance mode?

Answer 27

A protected version can’t be overwritten or deleted by any user, including the root user

Question 28

Glacier Vault Lock

Answer 28

Allows easy deployment and enforcing of compliance controls for individual S3 glacier vaults with a vault lock policy.

You can specify controls such as WORM in a vault lock policy & lock the policy from future edits. Once locked the policy can’t be changed

Question 29

S3 Encryption In Transit

Answer 29

Uses SSL, TLS, HTTPS

Question 30

S3 Encryption @ Rest (needs further review)

Answer 30

Server Side Encryption

SSE-S3 (AES 256 bit)

SSE-KMS

SSE-C

Question 31

Client Side Encryption

Answer 31

You can choose to encrypt files before uploading them to S3 with your own encryption tool

Question 32

Can you enforce encryption with a bucket policy?

Answer 32

Yes, a bucket policy can deny all PUT requests that don’t include the ‘X-amz-server-side-encryption’ parameter in the request header

Question 33

What are prefixes and why are they important?

Answer 33

Prefixes are the sub folders in an s3 bucket (they come after the bucket name)

They are important because the more prefixes you have the better performance your bucket can have due to it being able to handle more requests at once

Question 34

What number of requests per second can you get with prefixes?

Answer 34

3500 put/copy/post/delete requests a seconds

and

5500 get / head requests per second per prefix

Question 35

Performance Limits with KMS

Answer 35

Uploading and downloading count towards your KMS quota

Requests per second is region specific and can be 5500, 10000, or 30000

You cant request a quota increase on KMS atm

Question 36

Why use multi part uploads?

Answer 36

To increase performance when uploading files to S3

Multi-part uploads should be used for files over 100 mb and must be for files over 5gb

Question 37

When to use S3 byte range fetches?

Answer 37

Use S3 byte range fetches to increase performance when downloading files to S3

Question 38

What is S3 bucket replication / cross region replication?

Answer 38

You can use it to replicate objects from one bucket to another

Objects in an existing bucket are not automatically replicated

Delete markers are not replicated by default